setfacl not working for me... how should I do it?
Hello all,
I'm using RED HAT ENTERPRISE LINUX 5. Let's look at this folder layout: -A |--B |--C |--D |--E Let's say that the group G1 has access to the A folder (and all the subfolders). I have a long samba definition file that uses groups to allow various people to reach folders. The samba portion that affects the folder A is: [A] path = /AI need to exclude the folders B and C for one user of that group. Is that possible? I've been trying to use setfacl -x u:user_to_be_excluded /A/B but as the user_to_be_excluded is from the group G1 setfacl is not working... I've modified the fstab file in order to activate the acl: LABEL=/A /A ext3 defaults,acl 1 2 And I've restarted the computer. and I've used mount |grep acl to see that the changes in the fstab file have been applied (and they are). What would you do in my case? Thank you in advance! |
Next time after adding the acl to fstab, you can simply run:
#mount -o remount /mount_dir Next up. The -x you specify will remove a specific ACL entry. Since you did not make a ACL for the specific user, there is nothing to remove for that user. Try #setfacl -R -m u:user:--- /path/to/dir then check with #getfacl But considering this is SAMBA related, I am not sure it will work. I have never tested it. I know for a fact that this sort of ACL schemes will work with NFS4. You may want to look at controlling those aspects from the samba server itself, maybe by specifying rules to allow access to those folders on a host based authentication scheme. |
could you explain that a little bit more?
Quote:
Could you give me some pointers on how to do that? Thank you in advance! |
I am not that familiar with advanced samba configurations either as I never really use it apart from sharing internally.
But you can try changing the share in samba.conf: [share_name] path = /path/to/folder and add invalid users = user1 user2 etc The following links may be useful: http://www.samba.org/samba/docs/man/...html#id2611921 http://www.cyberciti.biz/tips/how-do...ba-shares.html |
All times are GMT -5. The time now is 07:07 PM. |